<?php 
session_start();
define("CCTRL", "user");
define("CCTRLNAME", "user");
define("TOKEN", "940cc81cec5c7e119162e62bd57710f0d");
define("SECRETKEY", isset($_SESSION["ADP"]["USER"]["Email"])?md5($_SESSION["ADP"]["USER"]["Email"]):"e177f0f859ebb5869ee84566bec4f05b");

class user extends CI_Controller  {

        /**
        * Index Page for this controller.
        *
        * Maps to the following URL
        * 		http://example.com/index.php/welcome
        *	- or -  
        * 		http://example.com/index.php/welcome/index
        *	- or -
        * Since this controller is set as the default controller in 
        * config/routes.php, it's displayed at http://example.com/
        *
        * So any other public methods not prefixed with an underscore will
        * map to /index.php/welcome/<method_name>
        * @see http://codeigniter.com/user_guide/general/urls.html
        */
       private $_configs = null;
       function __construct()
        {
            parent::__construct();
            $this->load->helper('url');
            $this->load->library('smarty3');
            include APPPATH . 'libraries/defu.php';
            $this->load->model('backend/oauth_model');
            $this->load->model('backend/authority_model');
            $this->authority_model=new authority_model();
            $this->oauth_model=new oauth_model();
            $this->smarty=new CI_Smarty3();
            
        }
        
        public function index()
	{
            if(!isset($_SESSION["ADP"]["USER"])){
                $this->smarty->display("backend/00_login"); 
                return;
            }
            if(!checkAuthority(CCTRLNAME,false)){
                $this->smarty
                        ->assign('_SESSION', $_SESSION)
                        ->display("backend/00_accessdenied");
                return;
            }
            $Data=null;
            $Data["Accs"]=$this->oauth_model->gets();
            $Aus=$this->authority_model->gets();
            foreach ($Aus as $au){
                $Data["Aus"][$au->Keyword]=$au;
            }
            $this->smarty
                    ->assign('_SESSION', $_SESSION)
                    ->assign('Data', $Data)
                    ->display("backend/".CCTRL."/".CCTRL);
	}
        function upgraded($token=""){
            if(!isset($_SESSION["ADP"]["USER"])){
                $code=-1;
                $msg = "Bad request!";
            }elseif(TOKEN!=$token || SECRETKEY !=md5($_SESSION["ADP"]["USER"]["Email"])){
                $code=-1;
                $msg = "Token is invalid!"; 
            }else{
                $Position=$_SESSION["ADP"]["USER"]["Position"];
                $ID=$_POST["ID"];
                if($this->oauth_model->upgraded($ID,$Position)){
                    $code=1;
                    $msg = "user have been upgraded!";
                }else{
                    $code=-1;
                    $msg = "fail, please try again!";
                }
            }
            echo json_encode(array("code"=>$code,"msg"=>$msg));
        }
        function gradedToUser($token=""){
            if(!isset($_SESSION["ADP"]["USER"])){
                $code=-1;
                $msg = "Bad request!";
            }elseif(TOKEN!=$token || SECRETKEY !=md5($_SESSION["ADP"]["USER"]["Email"])){
                $code=-1;
                $msg = "Token is invalid!"; 
            }else{
                $Position=$_SESSION["ADP"]["USER"]["Position"];
                $ID=$this->input->post("ID",true);
                $up=$this->input->post("Up",true);
                if($up==1){
                    $params=array("AuthorityName"=>"User");
                }else{
                    $params=array("AuthorityName"=>"View");
                }
                if(!$ID){
                    $code=-1;
                    $msg = "Bad request!";
                }elseif($this->oauth_model->update($ID,$Position,$params)){
                    $code=1;
                    $msg = "Đã thay đổi quyền cho người dùng!";
                }else{
                    $code=-1;
                    $msg = "Lỗi hệ thống! vui lòng thử lại sau ít phút.";
                }
            }
            echo json_encode(array("code"=>$code,"msg"=>$msg));
        }
        function downgraded($token=""){
            if(!isset($_SESSION["ADP"]["USER"])){
                $code=-1;
                $msg = "Bad request!";
            }elseif(TOKEN!=$token || SECRETKEY !=md5($_SESSION["ADP"]["USER"]["Email"])){
                $code=-1;
                $msg = "Token is invalid!"; 
            }else{
                $Position=$_SESSION["ADP"]["USER"]["Position"];
                $ID=$_POST["ID"];
                if($this->oauth_model->downgraded($ID,$Position)){
                    $code=1;
                    $msg = "Đã thay đổi quyền cho người dùng!";
                }else{
                    $code=-1;
                    $msg = "Lỗi hệ thống! vui lòng thử lại sau ít phút.";
                }
            }
            echo json_encode(array("code"=>$code,"msg"=>$msg));
        }
        function apply($token=""){
            if(!isset($_SESSION["ADP"]["USER"])){
                $code=-1;
                $msg = "Bad request!";
            }elseif(TOKEN!=$token || SECRETKEY !=md5($_SESSION["ADP"]["USER"]["Email"])){
                $code=-1;
                $msg = "Token is invalid!"; 
            }else{
                $Position=$_SESSION["ADP"]["USER"]["Position"];
                $ID=$_POST["ID"];
                $authority=  strtolower($_POST["Authority"]);
                $authority=  str_replace("admin", "", $authority);
                if($this->oauth_model->applyAuthority($ID,$authority,$Position)){
                    $code=1;
                    $msg = "Đã thay đổi quyền cho người dùng!";
                }else{
                    $code=-1;
                    $msg = "Lỗi hệ thống! vui lòng thử lại sau ít phút.";
                }
            }
            echo json_encode(array("code"=>$code,"msg"=>$msg));
        }
}

/* End of file welcome.php */
/* Location: ./application/controllers/welcome.php */